# /usr/ports/security/Makefile.local by jhs_ERASE_@berklix.com .include "../Makefile.undef" # BERKLIX_CLIENT do not need this, but added both to regularly test these, # & for if I want to run local tests, & in case I build a gate with # BERKLIX_CLIENT forgetting to define BERKLIX_GATE # SUBDIR += amavisd-new # rec. by Xin LI delphij@@delphij.net # 8.2-RELEASE dependency mail/p5-Mail-SpamAssassin breaks. # Do not install untill I have tried it. # somewhat CPU hungry if you have # high e-mail volume, consider # deploying multiple layer of # delivery system (multiple MX # serving anti-spam purpose, and # deliver to a group of backend # system; this could be an overkill # for small to medium sized companies, # though). .if (defined(BERKLIX_SERVER) ) #{ .if ( ${OSVERSION} <= 603000 ) # { SUBDIR += cyrus-sasl # In 4.11 - 6.3, Not in 6.4, 7.1, 7.2, 7.4, 8.0, 8.2, 8.3, 9.0 .else # }{ SUBDIR += cyrus-sasl2 # http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html # NOTE: This port has been compiled with a default pwcheck_method of # auxprop. If you want to authenticate your user by /etc/passwd, # PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and # set sasl_pwcheck_method to saslauthd after installing the # Cyrus-IMAPd 2.X port. You should also check the # /usr/local/lib/sasl2/*.conf files for the correct # pwcheck_method. # I want this port for my src/ & sendmail, but its also used by other ports: # 12.0 pkg remove cyrus-sasl-2.1.27 # Installed packages to be REMOVED: # cyrus-sasl-2.1.27 # mutt-1.12.1 # liblinphone-3.12.0_1 # cyrus-imapd24-2.4.20_2 # claws-mail-3.17.3_1 # libetpan-1.9.3 # mysql57-client-5.7.26 # linphone-4.1.1_5,1 # mythtv-30.0_3,1 # p5-DBD-mysql-4.050 # py27-MySQLdb-1.2.5_1 # libreoffice-6.2.4_2 # mysql57-server-5.7.26_1 # qt5-sqldrivers-mysql-5.12.2 # asterisk13-13.27.1 # mythplugin-mythmusic-30.0 # digikam-6.0.0_3 # akonadi-19.04.2_1 # kgpg-19.04.2_1 # akonadi-contacts-19.04.2 # akonadi-mime-19.04.2_1 .endif # } ${OSVERSION} # SUBDIR += cyrus-sasl2-saslauthd # http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html # cyrus-sasl2-saslauthd is a dependency built by cyrus-sasl2 # At 2013-07-11 there is no /var/db/pkg/*saslauthd* on gate or both remotes, .endif # } defined(BERKLIX_SERVER) .if ( defined(BERKLIX_CLIENT) ) #{ SUBDIR += gnupg # For /usr/local/bin/gpg for exmh etc. Replaces pgp. # includes gpg-agent for claws-mail .endif # } BERKLIX_CLIENT .if ( defined(BERKLIX_CLIENT) || defined(BERKLIX_GATE) || \ defined(BERKLIX_SERVER) ) #{ SUBDIR += nmap # A port Scanner .endif # } .if ( defined(BERKLIX_CLIENT) ) #{ .if ${ARCH} != "i386" # {{ # pgp-2.6.3i_1 is only for i386 alpha, and you are running amd64. .else # }{ # SUBDIR += pgp # I now use free gnupg .endif # }} # pgp pgp6 pgpdump pgpgpg pgpin # gnome-gpg gpgme gpgme03 kgpg libgpg-error nofgpg pgpgpg ruby-gpgme .if ( ${OSVERSION} != 802000 ) #{ 8.2-RELEASE, OK on 8.3 .ifdef BERKLIX_AMBITIOUS #{ # SUBDIR += gnome-gpg # installs on i386 & amd64 .endif #} .endif #} ${OSVERSION} # Simple commandline wrapper around gpg that makes it store # its passphrase in gnome-keyring. It is a direct competitor # to (the unmaintained) quintuple-agent. .if ( ${OSVERSION} == 900044) #{ # Kgpg is a simple, free, open source KDE frontend for GnuPG. # 9.0 builds OK # 8.2 & 8.3: conflicts with installed package(s): kdeutils-3.5.10_9 SUBDIR += kgpg # installs on i386 & amd64 .endif #} ${OSVERSION} .ifdef BERKLIX_AMBITIOUS #{ SUBDIR += openssl # for `cd x11-servers/xorg-server ; make reinstall` # In 10.2-RELEASE I patched this out, cos openssl breaks ftp/curl # & ftp/curl needed by 5+ ports. #=============== # To: ports@@@freebsd.org # cc: brnrd@@@FreeBSD.org # Subject: on current, pkg install openssl kills pkg # From: "Julian H. Stacey" # Organization: http://berklix.eu BSD Linux Unix Consultants, Munich Germany # User-agent: EXMH on FreeBSD http://www.berklix.eu/free/ # X-From: http://www.berklix.eu/~jhs/ # Fcc: sent # # Hi ports@@@freebsd.org # cc brnrd@@@FreeBSD.org maintaine= of ports/security/openssl # # On current, 12.0-ALPHA9, this kills pkg: # pkg install openssl # # uname -r # 12.0-ALPHA9 # cd /usr/src # cat .ctm_status # src-cur 13733 # cat .svn_revision # 339303 # # pkg install openssl # Updating FreeBSD repository catalogue... # FreeBSD repository is up to date. # All repositories are up to date. # The following 1 package(s) will be affected (of 0 checked): # New packages to be INSTALLED: # openssl: 1.0.2p_1,1 # Number of packages to be installed: 1 # The process will require 12 MiB more space. # 3 MiB to be downloaded. # [1/1] Fetching openssl-1.0.2p_1,1.txz: 100% 3 MiB 626.9kB/s 00:05 # Checking integrity... done (0 conflicting) # [1/1] Installing openssl-1.0.2p_1,1... # [1/1] Extracting openssl-1.0.2p_1,1: 100% # Message from openssl-1.0.2p_1,1: # Edit /usr/local/openssl/openssl.cnf to fit your needs. # # pkg install openvpn # ld-elf.so.1: /usr/local/lib/libcrypto.so.9: version # OPENSSL_1_1_0 required bysr/local/lib/libpkg.so.4 not defined # # That ld-elf message was rather too opaque for me. # I fumbled with various libs to no good effect, copying from another host, # & reinstalling from current ports/ports-mgmt/pkg etc, # Nothing fixed it till I used another AMD+NFS mounted current host: # # /host/lapr/usr/local/sbin/pkg delete openssl # # Comments please ? Meaning ? How to prevent / fix it ? # # its just that one package, I'm rebuilding & up to here OK: # pkg info -a | wc -l # 1062 # using # foreach i ( `fetch -o - http://berklix.com/~jhs/src/bsd/fixes/freebsd/packages/to_pkg_install` ) # echo DOING $i # pkg install -y $i # done # # Ive removed openssl from my list of package to install, nothing else wants it so far. # It used to be in my ports/security/Makefile.inc to support # cd /usr/ports/x11-servers/xorg-server;make # But I'll just leave it to automatic depend from now on. # # Cheers, # Julian #=============== .endif #} SUBDIR += openvpn # jim rec.s for proxy 2018-07 SUBDIR += pgpgpg # installs on i386 & amd64 # a wrapper around Gnu Privacy Guard which takes PGP 2.6 # command line options, translates them, and calls GnuPG (Gnu # Privacy Guard) to perform the desired action. WWW: # http://www.nessie.de/mroth/pgpgpg/ .endif #} BERKLIX_CLIENT .if ( defined(BERKLIX_CLIENT) || defined(BERKLIX_GATE) || \ defined(BERKLIX_SERVER) ) #{ # SUBDIR += portaudit Doesnt exist on 12.0-CURRENT-2017-11-15 .endif #} (defined(BERKLIX_CLIENT) || defined(BERKLIX_GATE) || # defined(BERKLIX_SERVER)) .if ( defined(BERKLIX_CLIENT) || defined(BERKLIX_GATE) || \ defined(BERKLIX_SERVER) ) #{ # SUBDIR += portscanner # trace open ports on firewall Doesnt exist on 12.0-CURRENT-2017-11-15 .endif #} (defined(BERKLIX_CLIENT) || defined(BERKLIX_GATE) || # defined(BERKLIX_SERVER)) .if ( defined(BERKLIX_CLIENT) ) #{ .if ${OSVERSION} <= 802000 # { # quintuple-agent is in 8.2-RELEASE, # disapeared from current by Tue Jul 5 15:26:20 CEST 2011 # not in 8.3-RELEASE # SUBDIR += quintuple-agent # bin/q-client for exmh pgpGetExtCmd Doesnt exist on 12.0-CURRENT-2017-11-15 .endif #} ${OSVERSION} .endif #} BERKLIX_CLIENT SUBDIR += sudo # Super user .ifdef BERKLIX_AMBITIOUS #{ .ifdef BERKLIX_CLIENT #{ # SUBDIR += clamav # "David Wolfskill (postmaster@@@freebsd.org)" # uses this on catwhisker .endif # } .endif # } .ifdef BERKLIX_CLIENT #{ SUBDIR += tor # Anonymizing overlay network for TCP .endif # } .ifdef BERKLIX_CLIENT #{ SUBDIR += wpa_supplicant # see also ../security/wpa_supplicant .endif # }